GitHub Actions: repository not found

Laptop with Code in coffee shop

I’m working in private GitHub repository housing an Azure Functions project. I just used the Deployment Center feature in the Azure Portal to connect my Azure Function App to my GitHub repository, and automatically generate a GitHub actions YAML file.

That file looks something like this:

# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy dotnet core app to Azure Function App - my-functions

on:
  push:
    branches:
      - '*'
  workflow_dispatch:

env:
  AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
  DOTNET_VERSION: '8.0.x' # set this to the dotnet version to use

jobs:
  build-and-deploy:
    runs-on: windows-latest
    permissions:
      id-token: write #This is required for requesting the JWT

    steps:
      - name: 'Checkout GitHub Action'
        uses: actions/checkout@v4

      - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: ${{ env.DOTNET_VERSION }}

      - name: 'Resolve Project Dependencies Using Dotnet'
        shell: pwsh
        run: |
          pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
          dotnet build --configuration Release --output ./output -r win-x64 -p:PublishReadyToRun=true
          popd
      
      - name: Login to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_XXX }}
          tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_XXX }}
          subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_XXX }}

      - name: 'Run Azure Functions Action'
        uses: Azure/functions-action@v1
        id: fa
        with:
          app-name: 'my-functions'
          slot-name: 'Production'
          package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'

After some Googling and experimentation, I found this to be the problem:

   permissions:
      id-token: write

It seems that if you’re going to specify any permissions, you need the complete set of permissions that you require. So while we’ve requested the id-token-write permission, we still need permission to read the content of the repository:

    permissions:
      contents: read
      id-token: write

Problem solved!

Sources:

https://github.com/actions/checkout/issues/254#issuecomment-1959289339

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *